Keeping script kiddies at bay with mod_evasive and iptables

mod_evasive is a nice Apache module that helps to protect your server against DoS attacks.

However, a blocked client keeps using resources on your server. Even though each request results in a 403 error, it’s still a connection that needs to be handled. In some cases, it might require spawning a new process for no good reason.

It’s quite easy to configure mod_evasive so that the evil IPs are blocked via the machine firewall, though:

before every other rule (it should be one of the first rules in your INPUT chain). Anyway, if you’re not familiar with firewall rules, you should look for some tutorials and documentation to study a bit.
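
One way to wire mod_evasive to the firewall, as an added example rather than the original post's configuration. `DOSSystemCommand` is mod_evasive's own directive; the script name `evasive-block.sh`, its path and the sudo arrangement are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post: a helper for mod_evasive's
# DOSSystemCommand directive, which substitutes the offending IP for %s.
# Assumed Apache configuration (script path and sudo setup are assumptions):
#   DOSSystemCommand "sudo /usr/local/sbin/evasive-block.sh %s"

# Succeed only for a dotted-quad IPv4 address: four octets, each 0..255,
# no leading zeros. Anything else never reaches the iptables command line.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots into $1..$n
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Insert a DROP rule for the address at position 1 of the INPUT chain, so it
# is evaluated before every other rule. Needs root (hence sudo above).
block_ip() {
    is_ipv4 "$1" || { echo "evasive-block: not an IPv4 address" >&2; return 1; }
    # -C succeeds if the identical rule exists; skip it to avoid duplicates.
    iptables -C INPUT -s "$1" -j DROP 2>/dev/null && return 0
    iptables -I INPUT 1 -s "$1" -j DROP
}

# Run only when called with an argument, as mod_evasive does.
if [ "$#" -gt 0 ]; then
    block_ip "$1"
fi
```

Because the script runs as root on input handed over by the web server, the argument is validated before it is passed to iptables, and the sudo rule for the Apache user should allow this script only.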